From 69e2dd2796a2a9856bdadbce93072228fefe2a26 Mon Sep 17 00:00:00 2001 From: Greg Haynes Date: Mon, 28 Oct 2024 17:08:48 +0000 Subject: [PATCH 01/14] Add vcluster-multi-env stack The vcluster-multi-env stack configures a set of vclusters managed by the CNOE ArgoCD which are then enrolled in the CNOE ArgoCD. This enables developing multi-environment workflows on top of CNOE. Signed-off-by: Greg Haynes --- vcluster-multi-env/README.md | 41 ++++++++++ vcluster-multi-env/add-vclusters.sh | 48 ++++++++++++ .../vcluster/application-vcluster.yaml | 39 ++++++++++ vcluster-multi-env/vcluster/ingress.yaml | 27 +++++++ .../vcluster/kustomization.yaml | 3 + vcluster-multi-env/vclusters.yaml | 78 +++++++++++++++++++ 6 files changed, 236 insertions(+) create mode 100644 vcluster-multi-env/README.md create mode 100755 vcluster-multi-env/add-vclusters.sh create mode 100644 vcluster-multi-env/vcluster/application-vcluster.yaml create mode 100644 vcluster-multi-env/vcluster/ingress.yaml create mode 100644 vcluster-multi-env/vcluster/kustomization.yaml create mode 100644 vcluster-multi-env/vclusters.yaml diff --git a/vcluster-multi-env/README.md b/vcluster-multi-env/README.md new file mode 100644 index 0000000..42dceba --- /dev/null +++ b/vcluster-multi-env/README.md @@ -0,0 +1,41 @@ +# IDP Builder Multi-Environment + +Multi-environment emulation on top of CNOE. + +# Configuring Clusters + +By default, this stack creates two vclusters (staging and production). If you +desire a different configuration you can edit the following list in +`vclusters.yaml`: + +```yaml + generators: + - list: + elements: + - name: staging + - name: production +``` + +# Running + +```bash +# Create CNOE deployment with vcluster-multi-env stack +idpbuilder create -p vcluster-multi-env + +# Enroll vclusters in ArgoCD +./vcluster-multi-env/add-vclusters.sh +``` + +# Using + +Your CNOE ArgoCD should now have a cluster enrolled for each configured +vcluster (staging and production by default). These clusters will have the +following labels for your use: + +```yaml + cnoe.io/vclusterMultiEnv/clusterClass: "app-runtime" + cnoe.io/vclusterMultiEnv/clusterName: "${cluster_name}" +``` + +You may now target them using, for example, an ArgoCD ApplicationSet cluster +generator which matches these labels. diff --git a/vcluster-multi-env/add-vclusters.sh b/vcluster-multi-env/add-vclusters.sh new file mode 100755 index 0000000..78d6d96 --- /dev/null +++ b/vcluster-multi-env/add-vclusters.sh @@ -0,0 +1,48 @@ +#! /bin/bash + +set -eu + +vcluster_app_names=$(kubectl get application -A -l cnoe.io/applicationName=vcluster-package,cnoe.io/stackName=vcluster-multi-env --no-headers -o custom-columns=":metadata.name") +environments=$(echo "$vcluster_app_names" | cut -f 1 -d '-') + +for env in $environments; do + cluster_name=$env + + echo "Checking readiness for ${cluster_name} vcluster..." + + until kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm &> /dev/null; do + echo "Waiting for ${cluster_name} vcluster secret to be ready..." + sleep 10 + done + + echo "${cluster_name} vcluster is ready. Retrieving credentials..." + client_key=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "client-key" }}') + client_certificate=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "client-certificate" }}') + certificate_authority=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "certificate-authority" }}') + + kubectl apply -f - < Date: Fri, 1 Nov 2024 12:16:55 -0700 Subject: [PATCH 02/14] Add vcluster-multi-env stack (#44) Signed-off-by: Greg Haynes --- vcluster-multi-env/README.md | 41 ++++++++++ vcluster-multi-env/add-vclusters.sh | 48 ++++++++++++ .../vcluster/application-vcluster.yaml | 39 ++++++++++ vcluster-multi-env/vcluster/ingress.yaml | 27 +++++++ .../vcluster/kustomization.yaml | 3 + vcluster-multi-env/vclusters.yaml | 78 +++++++++++++++++++ 6 files changed, 236 insertions(+) create mode 100644 vcluster-multi-env/README.md create mode 100755 vcluster-multi-env/add-vclusters.sh create mode 100644 vcluster-multi-env/vcluster/application-vcluster.yaml create mode 100644 vcluster-multi-env/vcluster/ingress.yaml create mode 100644 vcluster-multi-env/vcluster/kustomization.yaml create mode 100644 vcluster-multi-env/vclusters.yaml diff --git a/vcluster-multi-env/README.md b/vcluster-multi-env/README.md new file mode 100644 index 0000000..42dceba --- /dev/null +++ b/vcluster-multi-env/README.md @@ -0,0 +1,41 @@ +# IDP Builder Multi-Environment + +Multi-environment emulation on top of CNOE. + +# Configuring Clusters + +By default, this stack creates two vclusters (staging and production). If you +desire a different configuration you can edit the following list in +`vclusters.yaml`: + +```yaml + generators: + - list: + elements: + - name: staging + - name: production +``` + +# Running + +```bash +# Create CNOE deployment with vcluster-multi-env stack +idpbuilder create -p vcluster-multi-env + +# Enroll vclusters in ArgoCD +./vcluster-multi-env/add-vclusters.sh +``` + +# Using + +Your CNOE ArgoCD should now have a cluster enrolled for each configured +vcluster (staging and production by default). These clusters will have the +following labels for your use: + +```yaml + cnoe.io/vclusterMultiEnv/clusterClass: "app-runtime" + cnoe.io/vclusterMultiEnv/clusterName: "${cluster_name}" +``` + +You may now target them using, for example, an ArgoCD ApplicationSet cluster +generator which matches these labels. diff --git a/vcluster-multi-env/add-vclusters.sh b/vcluster-multi-env/add-vclusters.sh new file mode 100755 index 0000000..78d6d96 --- /dev/null +++ b/vcluster-multi-env/add-vclusters.sh @@ -0,0 +1,48 @@ +#! /bin/bash + +set -eu + +vcluster_app_names=$(kubectl get application -A -l cnoe.io/applicationName=vcluster-package,cnoe.io/stackName=vcluster-multi-env --no-headers -o custom-columns=":metadata.name") +environments=$(echo "$vcluster_app_names" | cut -f 1 -d '-') + +for env in $environments; do + cluster_name=$env + + echo "Checking readiness for ${cluster_name} vcluster..." + + until kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm &> /dev/null; do + echo "Waiting for ${cluster_name} vcluster secret to be ready..." + sleep 10 + done + + echo "${cluster_name} vcluster is ready. Retrieving credentials..." + client_key=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "client-key" }}') + client_certificate=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "client-certificate" }}') + certificate_authority=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "certificate-authority" }}') + + kubectl apply -f - < Date: Mon, 11 Nov 2024 14:39:55 +0100 Subject: [PATCH 03/14] openbao --- .../open-bao_20241111142831.yaml | 21 + .../open-bao_20241111142912.yaml | 21 + .../open-bao_20241111142943.yaml | 22 ++ .../open-bao_20241111142944.yaml | 22 ++ .../open-bao_20241111142947.yaml | 21 + .../open-bao_20241111142957.yaml | 21 + .../open-bao_20241111143101.yaml | 21 + .../openbao_20241111143100.yaml | 21 + .../openbao_20241111143152.yaml | 21 + .../openbao_20241111143207.yaml | 21 + ref-implementation/openbao.yaml | 21 + .../openbao/manifests/ingress.yaml | 30 ++ .../openbao/manifests/install.yaml | 164 ++++++++ .../openbao/manifests/keycloak-config.yaml | 366 ++++++++++++++++++ .../openbao/manifests/secret-gen.yaml | 179 +++++++++ 15 files changed, 972 insertions(+) create mode 100644 .history/ref-implementation/open-bao_20241111142831.yaml create mode 100644 .history/ref-implementation/open-bao_20241111142912.yaml create mode 100644 .history/ref-implementation/open-bao_20241111142943.yaml create mode 100644 .history/ref-implementation/open-bao_20241111142944.yaml create mode 100644 .history/ref-implementation/open-bao_20241111142947.yaml create mode 100644 .history/ref-implementation/open-bao_20241111142957.yaml create mode 100644 .history/ref-implementation/open-bao_20241111143101.yaml create mode 100644 .history/ref-implementation/openbao_20241111143100.yaml create mode 100644 .history/ref-implementation/openbao_20241111143152.yaml create mode 100644 .history/ref-implementation/openbao_20241111143207.yaml create mode 100644 ref-implementation/openbao.yaml create mode 100644 ref-implementation/openbao/manifests/ingress.yaml create mode 100644 ref-implementation/openbao/manifests/install.yaml create mode 100644 ref-implementation/openbao/manifests/keycloak-config.yaml create mode 100644 ref-implementation/openbao/manifests/secret-gen.yaml diff --git a/.history/ref-implementation/open-bao_20241111142831.yaml b/.history/ref-implementation/open-bao_20241111142831.yaml new file mode 100644 index 0000000..d279bc5 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142831.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: keycloak + namespace: argocd + labels: + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142912.yaml b/.history/ref-implementation/open-bao_20241111142912.yaml new file mode 100644 index 0000000..0d8f748 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142912.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142943.yaml b/.history/ref-implementation/open-bao_20241111142943.yaml new file mode 100644 index 0000000..38a34a4 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142943.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142944.yaml b/.history/ref-implementation/open-bao_20241111142944.yaml new file mode 100644 index 0000000..7249de0 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142944.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142947.yaml b/.history/ref-implementation/open-bao_20241111142947.yaml new file mode 100644 index 0000000..3aa23e8 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142947.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142957.yaml b/.history/ref-implementation/open-bao_20241111142957.yaml new file mode 100644 index 0000000..a557757 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142957.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111143101.yaml b/.history/ref-implementation/open-bao_20241111143101.yaml new file mode 100644 index 0000000..a132e8d --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111143101.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111143100.yaml b/.history/ref-implementation/openbao_20241111143100.yaml new file mode 100644 index 0000000..a132e8d --- /dev/null +++ b/.history/ref-implementation/openbao_20241111143100.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111143152.yaml b/.history/ref-implementation/openbao_20241111143152.yaml new file mode 100644 index 0000000..aa23be6 --- /dev/null +++ b/.history/ref-implementation/openbao_20241111143152.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111143207.yaml b/.history/ref-implementation/openbao_20241111143207.yaml new file mode 100644 index 0000000..8a632d4 --- /dev/null +++ b/.history/ref-implementation/openbao_20241111143207.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/ref-implementation/openbao.yaml b/ref-implementation/openbao.yaml new file mode 100644 index 0000000..8a632d4 --- /dev/null +++ b/ref-implementation/openbao.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/ref-implementation/openbao/manifests/ingress.yaml b/ref-implementation/openbao/manifests/ingress.yaml new file mode 100644 index 0000000..abaf181 --- /dev/null +++ b/ref-implementation/openbao/manifests/ingress.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak-ingress-localhost + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "100" +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/ref-implementation/openbao/manifests/install.yaml b/ref-implementation/openbao/manifests/install.yaml new file mode 100644 index 0000000..ed3b799 --- /dev/null +++ b/ref-implementation/openbao/manifests/install.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/ref-implementation/openbao/manifests/keycloak-config.yaml b/ref-implementation/openbao/manifests/keycloak-config.yaml new file mode 100644 index 0000000..4bb098e --- /dev/null +++ b/ref-implementation/openbao/manifests/keycloak-config.yaml @@ -0,0 +1,366 @@ +# resources here are used to configure keycloak instance for SSO +apiVersion: v1 +kind: ServiceAccount +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: keycloak-config + namespace: keycloak +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create", "update", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: keycloak-config + namespace: keycloak +subjects: + - kind: ServiceAccount + name: keycloak-config + namespace: keycloak +roleRef: + kind: Role + name: keycloak-config + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: keycloak-config + namespace: argocd +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: keycloak-config + namespace: argocd +subjects: + - kind: ServiceAccount + name: keycloak-config + namespace: keycloak +roleRef: + kind: Role + name: keycloak-config + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-job + namespace: keycloak +data: + client-scope-groups-payload.json: | + { + "name": "groups", + "description": "groups a user belongs to", + "attributes": { + "consent.screen.text": "Access to groups a user belongs to.", + "display.on.consent.screen": "true", + "include.in.token.scope": "true", + "gui.order": "" + }, + "type": "default", + "protocol": "openid-connect" + } + group-admin-payload.json: | + {"name":"admin"} + group-base-user-payload.json: | + {"name":"base-user"} + group-mapper-payload.json: | + { + "protocol": "openid-connect", + "protocolMapper": "oidc-group-membership-mapper", + "name": "groups", + "config": { + "claim.name": "groups", + "full.path": "false", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + realm-payload.json: | + {"realm":"cnoe","enabled":true} + user-password.json: | + { + "temporary": false, + "type": "password", + "value": "${USER1_PASSWORD}" + } + user-user1.json: | + { + "username": "user1", + "email": "", + "firstName": "user", + "lastName": "one", + "requiredActions": [], + "emailVerified": false, + "groups": [ + "/admin" + ], + "enabled": true + } + user-user2.json: | + { + "username": "user2", + "email": "", + "firstName": "user", + "lastName": "two", + "requiredActions": [], + "emailVerified": false, + "groups": [ + "/base-user" + ], + "enabled": true + } + argo-client-payload.json: | + { + "protocol": "openid-connect", + "clientId": "argo-workflows", + "name": "Argo Workflows Client", + "description": "Used for Argo Workflows SSO", + "publicClient": false, + "authorizationServicesEnabled": false, + "serviceAccountsEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "standardFlowEnabled": true, + "frontchannelLogout": true, + "attributes": { + "saml_idp_initiated_sso_url_name": "", + "oauth2.device.authorization.grant.enabled": false, + "oidc.ciba.grant.enabled": false + }, + "alwaysDisplayInConsole": false, + "rootUrl": "", + "baseUrl": "", + "redirectUris": [ + "https://cnoe.localtest.me:8443/argo-workflows/oauth2/callback" + ], + "webOrigins": [ + "/*" + ] + } + + backstage-client-payload.json: | + { + "protocol": "openid-connect", + "clientId": "backstage", + "name": "Backstage Client", + "description": "Used for Backstage SSO", + "publicClient": false, + "authorizationServicesEnabled": false, + "serviceAccountsEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "standardFlowEnabled": true, + "frontchannelLogout": true, + "attributes": { + "saml_idp_initiated_sso_url_name": "", + "oauth2.device.authorization.grant.enabled": false, + "oidc.ciba.grant.enabled": false + }, + "alwaysDisplayInConsole": false, + "rootUrl": "", + "baseUrl": "", + "redirectUris": [ + "https://cnoe.localtest.me:8443/api/auth/keycloak-oidc/handler/frame" + ], + "webOrigins": [ + "/*" + ] + } + +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: config + namespace: keycloak + annotations: + argocd.argoproj.io/hook: PostSync +spec: + template: + metadata: + generateName: config + spec: + serviceAccountName: keycloak-config + restartPolicy: Never + volumes: + - name: keycloak-config + secret: + secretName: keycloak-config + - name: config-payloads + configMap: + name: config-job + containers: + - name: kubectl + image: docker.io/library/ubuntu:22.04 + volumeMounts: + - name: keycloak-config + readOnly: true + mountPath: "/var/secrets/" + - name: config-payloads + readOnly: true + mountPath: "/var/config/" + command: ["/bin/bash", "-c"] + args: + - | + #! /bin/bash + + set -ex -o pipefail + + apt -qq update && apt -qq install curl jq -y + + ADMIN_PASSWORD=$(cat /var/secrets/KEYCLOAK_ADMIN_PASSWORD) + USER1_PASSWORD=$(cat /var/secrets/USER_PASSWORD) + + KEYCLOAK_URL=http://keycloak.keycloak.svc.cluster.local:8080/keycloak + + KEYCLOAK_TOKEN=$(curl -sS --fail-with-body -X POST -H "Content-Type: application/x-www-form-urlencoded" \ + --data-urlencode "username=cnoe-admin" \ + --data-urlencode "password=${ADMIN_PASSWORD}" \ + --data-urlencode "grant_type=password" \ + --data-urlencode "client_id=admin-cli" \ + ${KEYCLOAK_URL}/realms/master/protocol/openid-connect/token | jq -e -r '.access_token') + + set +e + + curl --fail-with-body -H "Authorization: bearer ${KEYCLOAK_TOKEN}" "${KEYCLOAK_URL}/admin/realms/cnoe" &> /dev/null + if [ $? -eq 0 ]; then + exit 0 + fi + set -e + + curl -sS -LO "https://dl.k8s.io/release/v1.28.3//bin/linux/amd64/kubectl" + chmod +x kubectl + + echo "creating cnoe realm and groups" + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/realm-payload.json \ + ${KEYCLOAK_URL}/admin/realms + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/client-scope-groups-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/group-admin-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/groups + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/group-base-user-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/groups + + # Create scope mapper + echo 'adding group claim to tokens' + CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/group-mapper-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes/${CLIENT_SCOPE_GROUPS_ID}/protocol-mappers/models + + echo "creating test users" + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/user-user1.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/users + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/user-user2.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/users + + USER1ID=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" "${KEYCLOAK_URL}/admin/realms/cnoe/users?lastName=one" | jq -r '.[0].id') + USER2ID=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" "${KEYCLOAK_URL}/admin/realms/cnoe/users?lastName=two" | jq -r '.[0].id') + + echo "setting user passwords" + jq -r --arg pass ${USER1_PASSWORD} '.value = $pass' /var/config/user-password.json > /tmp/user-password-to-be-applied.json + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X PUT --data @/tmp/user-password-to-be-applied.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/users/${USER1ID}/reset-password + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X PUT --data @/tmp/user-password-to-be-applied.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/users/${USER2ID}/reset-password + + echo "creating Argo Workflows client" + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/argo-client-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/clients + + CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "argo-workflows") | .id') + CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') + + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID} + + ARGO_WORKFLOWS_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret') + + echo "creating Backstage client" + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/backstage-client-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/clients + + CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "backstage") | .id') + + CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') + curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID} + + BACKSTAGE_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret') + + ARGOCD_PASSWORD=$(./kubectl -n argocd get secret argocd-initial-admin-secret -o go-template='{{.data.password | base64decode }}') + + ARGOCD_SESSION_TOKEN=$(curl -k -sS http://argocd-server.argocd.svc.cluster.local:443/api/v1/session -H 'Content-Type: application/json' -d "{\"username\":\"admin\",\"password\":\"${ARGOCD_PASSWORD}\"}" | jq -r .token) + + echo \ + "apiVersion: v1 + kind: Secret + metadata: + name: keycloak-clients + namespace: keycloak + type: Opaque + stringData: + ARGO_WORKFLOWS_CLIENT_SECRET: ${ARGO_WORKFLOWS_CLIENT_SECRET} + ARGO_WORKFLOWS_CLIENT_ID: argo-workflows + ARGOCD_SESSION_TOKEN: ${ARGOCD_SESSION_TOKEN} + BACKSTAGE_CLIENT_SECRET: ${BACKSTAGE_CLIENT_SECRET} + BACKSTAGE_CLIENT_ID: backstage + " > /tmp/secret.yaml + + ./kubectl apply -f /tmp/secret.yaml + diff --git a/ref-implementation/openbao/manifests/secret-gen.yaml b/ref-implementation/openbao/manifests/secret-gen.yaml new file mode 100644 index 0000000..f7bf8c9 --- /dev/null +++ b/ref-implementation/openbao/manifests/secret-gen.yaml @@ -0,0 +1,179 @@ +apiVersion: generators.external-secrets.io/v1alpha1 +kind: Password +metadata: + name: keycloak + namespace: keycloak +spec: + length: 36 + digits: 5 + symbols: 5 + symbolCharacters: "/-+" + noUpper: false + allowRepeat: true +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: keycloak-config + namespace: keycloak +spec: + refreshInterval: "0" + target: + name: keycloak-config + template: + metadata: + labels: + cnoe.io/cli-secret: "true" + cnoe.io/package-name: keycloak + engineVersion: v2 + data: + KEYCLOAK_ADMIN_PASSWORD: "{{.KEYCLOAK_ADMIN_PASSWORD}}" + KC_DB_USERNAME: keycloak + KC_DB_PASSWORD: "{{.KC_DB_PASSWORD}}" + POSTGRES_DB: keycloak + POSTGRES_USER: keycloak + POSTGRES_PASSWORD: "{{.KC_DB_PASSWORD}}" + USER_PASSWORD: "{{.USER_PASSWORD}}" + dataFrom: + - sourceRef: + generatorRef: + apiVersion: generators.external-secrets.io/v1alpha1 + kind: Password + name: keycloak + rewrite: + - transform: + template: "KEYCLOAK_ADMIN_PASSWORD" + - sourceRef: + generatorRef: + apiVersion: generators.external-secrets.io/v1alpha1 + kind: Password + name: keycloak + rewrite: + - transform: + template: "KC_DB_PASSWORD" + - sourceRef: + generatorRef: + apiVersion: generators.external-secrets.io/v1alpha1 + kind: Password + name: keycloak + rewrite: + - transform: + template: "USER_PASSWORD" +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: eso-store + namespace: keycloak +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: keycloak + name: eso-store +rules: + - apiGroups: [""] + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - authorization.k8s.io + resources: + - selfsubjectrulesreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: eso-store + namespace: keycloak +subjects: + - kind: ServiceAccount + name: eso-store + namespace: keycloak +roleRef: + kind: Role + name: eso-store + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: external-secrets.io/v1beta1 +kind: ClusterSecretStore +metadata: + name: keycloak +spec: + provider: + kubernetes: + remoteNamespace: keycloak + server: + caProvider: + type: ConfigMap + name: kube-root-ca.crt + namespace: keycloak + key: ca.crt + auth: + serviceAccount: + name: eso-store + namespace: keycloak +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: eso-store + namespace: gitea +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: eso-store + namespace: gitea +rules: + - apiGroups: [""] + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - authorization.k8s.io + resources: + - selfsubjectrulesreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: eso-store + namespace: gitea +subjects: + - kind: ServiceAccount + name: eso-store + namespace: gitea +roleRef: + kind: Role + name: eso-store + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: external-secrets.io/v1beta1 +kind: ClusterSecretStore +metadata: + name: gitea +spec: + provider: + kubernetes: + remoteNamespace: gitea + server: + caProvider: + type: ConfigMap + name: kube-root-ca.crt + namespace: gitea + key: ca.crt + auth: + serviceAccount: + name: eso-store + namespace: gitea From 6157854f504926991192fffd7bc524537c27961d Mon Sep 17 00:00:00 2001 From: miwr Date: Mon, 11 Nov 2024 14:54:14 +0100 Subject: [PATCH 04/14] test --- .../entities/catalog-info_20241111142553.yaml | 19 ++++++++++++++++++ .../entities/catalog-info_20241111145410.yaml | 20 +++++++++++++++++++ .../entities/catalog-info.yaml | 1 + 3 files changed, 40 insertions(+) create mode 100644 .history/ref-implementation/backstage-templates/entities/catalog-info_20241111142553.yaml create mode 100644 .history/ref-implementation/backstage-templates/entities/catalog-info_20241111145410.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111142553.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111142553.yaml new file mode 100644 index 0000000..f49a7bb --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111142553.yaml @@ -0,0 +1,19 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145410.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145410.yaml new file mode 100644 index 0000000..ff05253 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145410.yaml @@ -0,0 +1,20 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/ref-implementation/backstage-templates/entities/catalog-info.yaml b/ref-implementation/backstage-templates/entities/catalog-info.yaml index f49a7bb..ff05253 100644 --- a/ref-implementation/backstage-templates/entities/catalog-info.yaml +++ b/ref-implementation/backstage-templates/entities/catalog-info.yaml @@ -8,6 +8,7 @@ spec: - ./basic/template.yaml - ./argo-workflows/template.yaml - ./app-with-bucket/template.yaml + - ./app-with-bucket/template.yaml --- apiVersion: backstage.io/v1alpha1 kind: Location From 2d083b9f40609ae8e1ce1b414066bf19c7ec3c32 Mon Sep 17 00:00:00 2001 From: miwr Date: Mon, 11 Nov 2024 14:55:28 +0100 Subject: [PATCH 05/14] template --- .../entities/catalog-info_20241111145445.yaml | 19 ++++++ .../entities/catalog-info_20241111145519.yaml | 21 +++++++ .../entities/catalog-info_20241111145520.yaml | 21 +++++++ .../entities/catalog-info_20241111145522.yaml | 20 +++++++ .../entities/basic/template2.yaml | 58 +++++++++++++++++++ .../entities/catalog-info.yaml | 2 +- 6 files changed, 140 insertions(+), 1 deletion(-) create mode 100644 .history/ref-implementation/backstage-templates/entities/catalog-info_20241111145445.yaml create mode 100644 .history/ref-implementation/backstage-templates/entities/catalog-info_20241111145519.yaml create mode 100644 .history/ref-implementation/backstage-templates/entities/catalog-info_20241111145520.yaml create mode 100644 .history/ref-implementation/backstage-templates/entities/catalog-info_20241111145522.yaml create mode 100644 ref-implementation/backstage-templates/entities/basic/template2.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145445.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145445.yaml new file mode 100644 index 0000000..f49a7bb --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145445.yaml @@ -0,0 +1,19 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145519.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145519.yaml new file mode 100644 index 0000000..740bc62 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145519.yaml @@ -0,0 +1,21 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145520.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145520.yaml new file mode 100644 index 0000000..8e7eff6 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145520.yaml @@ -0,0 +1,21 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + + - ./basic/template2.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145522.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145522.yaml new file mode 100644 index 0000000..3bf5a42 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145522.yaml @@ -0,0 +1,20 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./basic/template2.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/ref-implementation/backstage-templates/entities/basic/template2.yaml b/ref-implementation/backstage-templates/entities/basic/template2.yaml new file mode 100644 index 0000000..f75743b --- /dev/null +++ b/ref-implementation/backstage-templates/entities/basic/template2.yaml @@ -0,0 +1,58 @@ +apiVersion: scaffolder.backstage.io/v1beta3 +kind: Template +metadata: + description: Creates a Basic Kubernetes Deployment + name: basic + title: Create a Basic Deployment +spec: + owner: guests + type: service + parameters: + - title: Configuration Options + required: + - name + properties: + name: + type: string + description: name of this application + + steps: + - id: template + name: Generating component + action: fetch:template + input: + url: ./skeleton + values: + name: ${{parameters.name}} + + - id: publish + name: Publishing to a gitea git repository + action: publish:gitea + input: + description: This is an example app + # Hard coded value for this demo purposes only. + repoUrl: cnoe.localtest.me:8443/gitea?repo=${{parameters.name}} + defaultBranch: main + - id: create-argocd-app + name: Create ArgoCD App + action: cnoe:create-argocd-app + input: + appName: ${{parameters.name}} + appNamespace: ${{parameters.name}} + argoInstance: in-cluster + projectName: default + # necessary until we generate our own cert + repoUrl: https://cnoe.localtest.me:8443/gitea/giteaAdmin/${{parameters.name}} + path: "manifests" + - id: register + name: Register + action: catalog:register + input: + repoContentsUrl: ${{ steps['publish'].output.repoContentsUrl }} + catalogInfoPath: 'catalog-info.yaml' + + output: + links: + - title: Open in catalog + icon: catalog + entityRef: ${{ steps['register'].output.entityRef }} diff --git a/ref-implementation/backstage-templates/entities/catalog-info.yaml b/ref-implementation/backstage-templates/entities/catalog-info.yaml index ff05253..3bf5a42 100644 --- a/ref-implementation/backstage-templates/entities/catalog-info.yaml +++ b/ref-implementation/backstage-templates/entities/catalog-info.yaml @@ -6,9 +6,9 @@ metadata: spec: targets: - ./basic/template.yaml + - ./basic/template2.yaml - ./argo-workflows/template.yaml - ./app-with-bucket/template.yaml - - ./app-with-bucket/template.yaml --- apiVersion: backstage.io/v1alpha1 kind: Location From 2a6b10f007e85ea3b2cbb330072f491aa8e78cb8 Mon Sep 17 00:00:00 2001 From: miwr Date: Tue, 12 Nov 2024 10:40:11 +0100 Subject: [PATCH 06/14] let's go --- .../entities/catalog-info_20241111145551.yaml | 19 ++++++ .../openbao_20241111150421.yaml | 21 +++++++ .../openbao_20241111150423.yaml | 21 +++++++ .../openbao_20241112103833.yaml | 19 ++++++ .../openbao_20241112103904.yaml | 19 ++++++ .../openbao_20241112103909.yaml | 19 ++++++ .../openbao_20241112103930.yaml | 19 ++++++ .../openbao_20241112103938.yaml | 19 ++++++ .../openbao_20241112103940.yaml | 19 ++++++ .../entities/basic/template2.yaml | 58 ------------------- .../entities/catalog-info.yaml | 1 - ref-implementation/openbao.yaml | 8 +-- 12 files changed, 178 insertions(+), 64 deletions(-) create mode 100644 .history/ref-implementation/backstage-templates/entities/catalog-info_20241111145551.yaml create mode 100644 .history/ref-implementation/openbao_20241111150421.yaml create mode 100644 .history/ref-implementation/openbao_20241111150423.yaml create mode 100644 .history/ref-implementation/openbao_20241112103833.yaml create mode 100644 .history/ref-implementation/openbao_20241112103904.yaml create mode 100644 .history/ref-implementation/openbao_20241112103909.yaml create mode 100644 .history/ref-implementation/openbao_20241112103930.yaml create mode 100644 .history/ref-implementation/openbao_20241112103938.yaml create mode 100644 .history/ref-implementation/openbao_20241112103940.yaml delete mode 100644 ref-implementation/backstage-templates/entities/basic/template2.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145551.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145551.yaml new file mode 100644 index 0000000..f49a7bb --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145551.yaml @@ -0,0 +1,19 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/openbao_20241111150421.yaml b/.history/ref-implementation/openbao_20241111150421.yaml new file mode 100644 index 0000000..ecce75a --- /dev/null +++ b/.history/ref-implementation/openbao_20241111150421.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + example: dev +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111150423.yaml b/.history/ref-implementation/openbao_20241111150423.yaml new file mode 100644 index 0000000..8a632d4 --- /dev/null +++ b/.history/ref-implementation/openbao_20241111150423.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103833.yaml b/.history/ref-implementation/openbao_20241112103833.yaml new file mode 100644 index 0000000..d06ab5e --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103833.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103904.yaml b/.history/ref-implementation/openbao_20241112103904.yaml new file mode 100644 index 0000000..8bcfa6f --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103904.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103909.yaml b/.history/ref-implementation/openbao_20241112103909.yaml new file mode 100644 index 0000000..997633d --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103909.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103930.yaml b/.history/ref-implementation/openbao_20241112103930.yaml new file mode 100644 index 0000000..8d19f61 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103930.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103938.yaml b/.history/ref-implementation/openbao_20241112103938.yaml new file mode 100644 index 0000000..76b59a3 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103938.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103940.yaml b/.history/ref-implementation/openbao_20241112103940.yaml new file mode 100644 index 0000000..8d19f61 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103940.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/ref-implementation/backstage-templates/entities/basic/template2.yaml b/ref-implementation/backstage-templates/entities/basic/template2.yaml deleted file mode 100644 index f75743b..0000000 --- a/ref-implementation/backstage-templates/entities/basic/template2.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: scaffolder.backstage.io/v1beta3 -kind: Template -metadata: - description: Creates a Basic Kubernetes Deployment - name: basic - title: Create a Basic Deployment -spec: - owner: guests - type: service - parameters: - - title: Configuration Options - required: - - name - properties: - name: - type: string - description: name of this application - - steps: - - id: template - name: Generating component - action: fetch:template - input: - url: ./skeleton - values: - name: ${{parameters.name}} - - - id: publish - name: Publishing to a gitea git repository - action: publish:gitea - input: - description: This is an example app - # Hard coded value for this demo purposes only. - repoUrl: cnoe.localtest.me:8443/gitea?repo=${{parameters.name}} - defaultBranch: main - - id: create-argocd-app - name: Create ArgoCD App - action: cnoe:create-argocd-app - input: - appName: ${{parameters.name}} - appNamespace: ${{parameters.name}} - argoInstance: in-cluster - projectName: default - # necessary until we generate our own cert - repoUrl: https://cnoe.localtest.me:8443/gitea/giteaAdmin/${{parameters.name}} - path: "manifests" - - id: register - name: Register - action: catalog:register - input: - repoContentsUrl: ${{ steps['publish'].output.repoContentsUrl }} - catalogInfoPath: 'catalog-info.yaml' - - output: - links: - - title: Open in catalog - icon: catalog - entityRef: ${{ steps['register'].output.entityRef }} diff --git a/ref-implementation/backstage-templates/entities/catalog-info.yaml b/ref-implementation/backstage-templates/entities/catalog-info.yaml index 3bf5a42..f49a7bb 100644 --- a/ref-implementation/backstage-templates/entities/catalog-info.yaml +++ b/ref-implementation/backstage-templates/entities/catalog-info.yaml @@ -6,7 +6,6 @@ metadata: spec: targets: - ./basic/template.yaml - - ./basic/template2.yaml - ./argo-workflows/template.yaml - ./app-with-bucket/template.yaml --- diff --git a/ref-implementation/openbao.yaml b/ref-implementation/openbao.yaml index 8a632d4..8d19f61 100644 --- a/ref-implementation/openbao.yaml +++ b/ref-implementation/openbao.yaml @@ -3,16 +3,14 @@ kind: Application metadata: name: openbao namespace: argocd - labels: - env: dev spec: destination: namespace: openbao server: "https://kubernetes.default.svc" source: - repoURL: cnoe://openbao/manifests - targetRevision: HEAD - path: "." + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" project: default syncPolicy: automated: From 67a67174a598e506912a1f5476093d11d67bf2f2 Mon Sep 17 00:00:00 2001 From: miwr Date: Tue, 12 Nov 2024 11:15:26 +0100 Subject: [PATCH 07/14] hopefully it will work now --- .../maniek_20241112110416.yml | 0 .../maniek_20241112110417.yml | 35 ++ .../manifests/manifest_20241112110416.yml | 35 ++ .../manifests/manifest_20241112110859.yml | 35 ++ .../manifests/manifest_20241112110906.yml | 35 ++ .../manifests/manifest_20241112110950.yml | 41 ++ .../manifests/manifest_20241112110952.yml | 35 ++ .../manifests/manifest_20241112110953.yml | 35 ++ .../openbao_20241112110613.yaml | 19 + .../openbao_20241112110615.yaml | 19 + .../openbao_20241112110641.yaml | 19 + .../openbao_20241112110645.yaml | 19 + .../openbao_20241112110651.yaml | 19 + .../openbao_20241112110747.yaml | 19 + .../openbao_20241112110753.yaml | 19 + ref-implementation/openbao.yaml | 6 +- .../openbao/manifests/ingress.yaml | 30 -- .../openbao/manifests/install.yaml | 164 -------- .../openbao/manifests/keycloak-config.yaml | 366 ------------------ .../openbao/manifests/manifest.yml | 35 ++ .../openbao/manifests/secret-gen.yaml | 179 --------- 21 files changed, 422 insertions(+), 742 deletions(-) create mode 100644 .history/ref-implementation/maniek_20241112110416.yml create mode 100644 .history/ref-implementation/maniek_20241112110417.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112110416.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112110859.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112110906.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112110950.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112110952.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112110953.yml create mode 100644 .history/ref-implementation/openbao_20241112110613.yaml create mode 100644 .history/ref-implementation/openbao_20241112110615.yaml create mode 100644 .history/ref-implementation/openbao_20241112110641.yaml create mode 100644 .history/ref-implementation/openbao_20241112110645.yaml create mode 100644 .history/ref-implementation/openbao_20241112110651.yaml create mode 100644 .history/ref-implementation/openbao_20241112110747.yaml create mode 100644 .history/ref-implementation/openbao_20241112110753.yaml delete mode 100644 ref-implementation/openbao/manifests/ingress.yaml delete mode 100644 ref-implementation/openbao/manifests/install.yaml delete mode 100644 ref-implementation/openbao/manifests/keycloak-config.yaml create mode 100644 ref-implementation/openbao/manifests/manifest.yml delete mode 100644 ref-implementation/openbao/manifests/secret-gen.yaml diff --git a/.history/ref-implementation/maniek_20241112110416.yml b/.history/ref-implementation/maniek_20241112110416.yml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/maniek_20241112110417.yml b/.history/ref-implementation/maniek_20241112110417.yml new file mode 100644 index 0000000..81ab8ad --- /dev/null +++ b/.history/ref-implementation/maniek_20241112110417.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110416.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110416.yml new file mode 100644 index 0000000..81ab8ad --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110416.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110859.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110859.yml new file mode 100644 index 0000000..d68ae99 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110859.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110906.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110906.yml new file mode 100644 index 0000000..3f9ba3f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110906.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110950.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110950.yml new file mode 100644 index 0000000..9fdb23b --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110950.yml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110952.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110952.yml new file mode 100644 index 0000000..3f9ba3f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110952.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110953.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110953.yml new file mode 100644 index 0000000..8ec577d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110953.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao_20241112110613.yaml b/.history/ref-implementation/openbao_20241112110613.yaml new file mode 100644 index 0000000..0ff12a4 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110613.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + //repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110615.yaml b/.history/ref-implementation/openbao_20241112110615.yaml new file mode 100644 index 0000000..dd920ca --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110615.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + # repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110641.yaml b/.history/ref-implementation/openbao_20241112110641.yaml new file mode 100644 index 0000000..8d19f61 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110641.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110645.yaml b/.history/ref-implementation/openbao_20241112110645.yaml new file mode 100644 index 0000000..acc1c64 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110645.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110651.yaml b/.history/ref-implementation/openbao_20241112110651.yaml new file mode 100644 index 0000000..627b1fd --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110651.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: main + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110747.yaml b/.history/ref-implementation/openbao_20241112110747.yaml new file mode 100644 index 0000000..e398adc --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110747.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110753.yaml b/.history/ref-implementation/openbao_20241112110753.yaml new file mode 100644 index 0000000..d06ab5e --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110753.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/ref-implementation/openbao.yaml b/ref-implementation/openbao.yaml index 8d19f61..d06ab5e 100644 --- a/ref-implementation/openbao.yaml +++ b/ref-implementation/openbao.yaml @@ -8,9 +8,9 @@ spec: namespace: openbao server: "https://kubernetes.default.svc" source: - repoURL: 'https://github.com/openbao/openbao.git' - targetRevision: main - path: "openbao" + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." project: default syncPolicy: automated: diff --git a/ref-implementation/openbao/manifests/ingress.yaml b/ref-implementation/openbao/manifests/ingress.yaml deleted file mode 100644 index abaf181..0000000 --- a/ref-implementation/openbao/manifests/ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: keycloak-ingress-localhost - namespace: keycloak - annotations: - argocd.argoproj.io/sync-wave: "100" -spec: - ingressClassName: "nginx" - rules: - - host: localhost - http: - paths: - - path: /keycloak - pathType: ImplementationSpecific - backend: - service: - name: keycloak - port: - name: http - - host: cnoe.localtest.me - http: - paths: - - path: /keycloak - pathType: ImplementationSpecific - backend: - service: - name: keycloak - port: - name: http diff --git a/ref-implementation/openbao/manifests/install.yaml b/ref-implementation/openbao/manifests/install.yaml deleted file mode 100644 index ed3b799..0000000 --- a/ref-implementation/openbao/manifests/install.yaml +++ /dev/null @@ -1,164 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: keycloak ---- -apiVersion: v1 -kind: Service -metadata: - name: keycloak - labels: - app: keycloak -spec: - ports: - - name: http - port: 8080 - targetPort: 8080 - selector: - app: keycloak - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: keycloak - name: keycloak - namespace: keycloak - annotations: - argocd.argoproj.io/sync-wave: "10" -spec: - replicas: 1 - selector: - matchLabels: - app: keycloak - template: - metadata: - labels: - app: keycloak - spec: - containers: - - args: - - start-dev - env: - - name: KEYCLOAK_ADMIN - value: cnoe-admin - - name: KEYCLOAK_LOGLEVEL - value: ALL - - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY - value: 'true' - envFrom: - - secretRef: - name: keycloak-config - image: quay.io/keycloak/keycloak:22.0.3 - name: keycloak - ports: - - containerPort: 8080 - name: http - readinessProbe: - httpGet: - path: /keycloak/realms/master - port: 8080 - volumeMounts: - - mountPath: /opt/keycloak/conf - name: keycloak-config - readOnly: true - volumes: - - configMap: - name: keycloak-config - name: keycloak-config ---- -apiVersion: v1 -data: - keycloak.conf: | - # Database - # The database vendor. - db=postgres - - # The username of the database user. - db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres - - # The proxy address forwarding mode if the server is behind a reverse proxy. - proxy=edge - - # hostname configuration - hostname=cnoe.localtest.me - hostname-port=8443 - http-relative-path=keycloak - - # the admin url requires its own configuration to reflect correct url - hostname-admin=cnoe.localtest.me:8443 - - hostname-debug=true - - # this should only be allowed in development. NEVER in production. - hostname-strict=false - hostname-strict-backchannel=false - - -kind: ConfigMap -metadata: - name: keycloak-config - namespace: keycloak ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgresql - name: postgresql - namespace: keycloak -spec: - clusterIP: None - ports: - - name: postgres - port: 5432 - selector: - app: postgresql ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app: postgresql - name: postgresql - namespace: keycloak -spec: - replicas: 1 - selector: - matchLabels: - app: postgresql - serviceName: service-postgresql - template: - metadata: - labels: - app: postgresql - spec: - containers: - - envFrom: - - secretRef: - name: keycloak-config - image: docker.io/library/postgres:15.3-alpine3.18 - name: postgres - ports: - - containerPort: 5432 - name: postgresdb - resources: - limits: - memory: 500Mi - requests: - cpu: 100m - memory: 300Mi - volumeMounts: - - name: data - mountPath: /var/lib/postgresql/data - volumeClaimTemplates: - - metadata: - name: data - spec: - accessModes: ["ReadWriteOnce"] - resources: - requests: - storage: "500Mi" - diff --git a/ref-implementation/openbao/manifests/keycloak-config.yaml b/ref-implementation/openbao/manifests/keycloak-config.yaml deleted file mode 100644 index 4bb098e..0000000 --- a/ref-implementation/openbao/manifests/keycloak-config.yaml +++ /dev/null @@ -1,366 +0,0 @@ -# resources here are used to configure keycloak instance for SSO -apiVersion: v1 -kind: ServiceAccount -metadata: - name: keycloak-config - namespace: keycloak ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: keycloak-config - namespace: keycloak -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "create", "update", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: keycloak-config - namespace: keycloak -subjects: - - kind: ServiceAccount - name: keycloak-config - namespace: keycloak -roleRef: - kind: Role - name: keycloak-config - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: keycloak-config - namespace: argocd -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: keycloak-config - namespace: argocd -subjects: - - kind: ServiceAccount - name: keycloak-config - namespace: keycloak -roleRef: - kind: Role - name: keycloak-config - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-job - namespace: keycloak -data: - client-scope-groups-payload.json: | - { - "name": "groups", - "description": "groups a user belongs to", - "attributes": { - "consent.screen.text": "Access to groups a user belongs to.", - "display.on.consent.screen": "true", - "include.in.token.scope": "true", - "gui.order": "" - }, - "type": "default", - "protocol": "openid-connect" - } - group-admin-payload.json: | - {"name":"admin"} - group-base-user-payload.json: | - {"name":"base-user"} - group-mapper-payload.json: | - { - "protocol": "openid-connect", - "protocolMapper": "oidc-group-membership-mapper", - "name": "groups", - "config": { - "claim.name": "groups", - "full.path": "false", - "id.token.claim": "true", - "access.token.claim": "true", - "userinfo.token.claim": "true" - } - } - realm-payload.json: | - {"realm":"cnoe","enabled":true} - user-password.json: | - { - "temporary": false, - "type": "password", - "value": "${USER1_PASSWORD}" - } - user-user1.json: | - { - "username": "user1", - "email": "", - "firstName": "user", - "lastName": "one", - "requiredActions": [], - "emailVerified": false, - "groups": [ - "/admin" - ], - "enabled": true - } - user-user2.json: | - { - "username": "user2", - "email": "", - "firstName": "user", - "lastName": "two", - "requiredActions": [], - "emailVerified": false, - "groups": [ - "/base-user" - ], - "enabled": true - } - argo-client-payload.json: | - { - "protocol": "openid-connect", - "clientId": "argo-workflows", - "name": "Argo Workflows Client", - "description": "Used for Argo Workflows SSO", - "publicClient": false, - "authorizationServicesEnabled": false, - "serviceAccountsEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "standardFlowEnabled": true, - "frontchannelLogout": true, - "attributes": { - "saml_idp_initiated_sso_url_name": "", - "oauth2.device.authorization.grant.enabled": false, - "oidc.ciba.grant.enabled": false - }, - "alwaysDisplayInConsole": false, - "rootUrl": "", - "baseUrl": "", - "redirectUris": [ - "https://cnoe.localtest.me:8443/argo-workflows/oauth2/callback" - ], - "webOrigins": [ - "/*" - ] - } - - backstage-client-payload.json: | - { - "protocol": "openid-connect", - "clientId": "backstage", - "name": "Backstage Client", - "description": "Used for Backstage SSO", - "publicClient": false, - "authorizationServicesEnabled": false, - "serviceAccountsEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "standardFlowEnabled": true, - "frontchannelLogout": true, - "attributes": { - "saml_idp_initiated_sso_url_name": "", - "oauth2.device.authorization.grant.enabled": false, - "oidc.ciba.grant.enabled": false - }, - "alwaysDisplayInConsole": false, - "rootUrl": "", - "baseUrl": "", - "redirectUris": [ - "https://cnoe.localtest.me:8443/api/auth/keycloak-oidc/handler/frame" - ], - "webOrigins": [ - "/*" - ] - } - ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: config - namespace: keycloak - annotations: - argocd.argoproj.io/hook: PostSync -spec: - template: - metadata: - generateName: config - spec: - serviceAccountName: keycloak-config - restartPolicy: Never - volumes: - - name: keycloak-config - secret: - secretName: keycloak-config - - name: config-payloads - configMap: - name: config-job - containers: - - name: kubectl - image: docker.io/library/ubuntu:22.04 - volumeMounts: - - name: keycloak-config - readOnly: true - mountPath: "/var/secrets/" - - name: config-payloads - readOnly: true - mountPath: "/var/config/" - command: ["/bin/bash", "-c"] - args: - - | - #! /bin/bash - - set -ex -o pipefail - - apt -qq update && apt -qq install curl jq -y - - ADMIN_PASSWORD=$(cat /var/secrets/KEYCLOAK_ADMIN_PASSWORD) - USER1_PASSWORD=$(cat /var/secrets/USER_PASSWORD) - - KEYCLOAK_URL=http://keycloak.keycloak.svc.cluster.local:8080/keycloak - - KEYCLOAK_TOKEN=$(curl -sS --fail-with-body -X POST -H "Content-Type: application/x-www-form-urlencoded" \ - --data-urlencode "username=cnoe-admin" \ - --data-urlencode "password=${ADMIN_PASSWORD}" \ - --data-urlencode "grant_type=password" \ - --data-urlencode "client_id=admin-cli" \ - ${KEYCLOAK_URL}/realms/master/protocol/openid-connect/token | jq -e -r '.access_token') - - set +e - - curl --fail-with-body -H "Authorization: bearer ${KEYCLOAK_TOKEN}" "${KEYCLOAK_URL}/admin/realms/cnoe" &> /dev/null - if [ $? -eq 0 ]; then - exit 0 - fi - set -e - - curl -sS -LO "https://dl.k8s.io/release/v1.28.3//bin/linux/amd64/kubectl" - chmod +x kubectl - - echo "creating cnoe realm and groups" - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/realm-payload.json \ - ${KEYCLOAK_URL}/admin/realms - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/client-scope-groups-payload.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/group-admin-payload.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/groups - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/group-base-user-payload.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/groups - - # Create scope mapper - echo 'adding group claim to tokens' - CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/group-mapper-payload.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes/${CLIENT_SCOPE_GROUPS_ID}/protocol-mappers/models - - echo "creating test users" - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/user-user1.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/users - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/user-user2.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/users - - USER1ID=$(curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" "${KEYCLOAK_URL}/admin/realms/cnoe/users?lastName=one" | jq -r '.[0].id') - USER2ID=$(curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" "${KEYCLOAK_URL}/admin/realms/cnoe/users?lastName=two" | jq -r '.[0].id') - - echo "setting user passwords" - jq -r --arg pass ${USER1_PASSWORD} '.value = $pass' /var/config/user-password.json > /tmp/user-password-to-be-applied.json - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X PUT --data @/tmp/user-password-to-be-applied.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/users/${USER1ID}/reset-password - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X PUT --data @/tmp/user-password-to-be-applied.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/users/${USER2ID}/reset-password - - echo "creating Argo Workflows client" - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/argo-client-payload.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/clients - - CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "argo-workflows") | .id') - CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') - - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID} - - ARGO_WORKFLOWS_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret') - - echo "creating Backstage client" - curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X POST --data @/var/config/backstage-client-payload.json \ - ${KEYCLOAK_URL}/admin/realms/cnoe/clients - - CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "backstage") | .id') - - CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') - curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID} - - BACKSTAGE_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \ - -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ - -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret') - - ARGOCD_PASSWORD=$(./kubectl -n argocd get secret argocd-initial-admin-secret -o go-template='{{.data.password | base64decode }}') - - ARGOCD_SESSION_TOKEN=$(curl -k -sS http://argocd-server.argocd.svc.cluster.local:443/api/v1/session -H 'Content-Type: application/json' -d "{\"username\":\"admin\",\"password\":\"${ARGOCD_PASSWORD}\"}" | jq -r .token) - - echo \ - "apiVersion: v1 - kind: Secret - metadata: - name: keycloak-clients - namespace: keycloak - type: Opaque - stringData: - ARGO_WORKFLOWS_CLIENT_SECRET: ${ARGO_WORKFLOWS_CLIENT_SECRET} - ARGO_WORKFLOWS_CLIENT_ID: argo-workflows - ARGOCD_SESSION_TOKEN: ${ARGOCD_SESSION_TOKEN} - BACKSTAGE_CLIENT_SECRET: ${BACKSTAGE_CLIENT_SECRET} - BACKSTAGE_CLIENT_ID: backstage - " > /tmp/secret.yaml - - ./kubectl apply -f /tmp/secret.yaml - diff --git a/ref-implementation/openbao/manifests/manifest.yml b/ref-implementation/openbao/manifests/manifest.yml new file mode 100644 index 0000000..8ec577d --- /dev/null +++ b/ref-implementation/openbao/manifests/manifest.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/ref-implementation/openbao/manifests/secret-gen.yaml b/ref-implementation/openbao/manifests/secret-gen.yaml deleted file mode 100644 index f7bf8c9..0000000 --- a/ref-implementation/openbao/manifests/secret-gen.yaml +++ /dev/null @@ -1,179 +0,0 @@ -apiVersion: generators.external-secrets.io/v1alpha1 -kind: Password -metadata: - name: keycloak - namespace: keycloak -spec: - length: 36 - digits: 5 - symbols: 5 - symbolCharacters: "/-+" - noUpper: false - allowRepeat: true ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: keycloak-config - namespace: keycloak -spec: - refreshInterval: "0" - target: - name: keycloak-config - template: - metadata: - labels: - cnoe.io/cli-secret: "true" - cnoe.io/package-name: keycloak - engineVersion: v2 - data: - KEYCLOAK_ADMIN_PASSWORD: "{{.KEYCLOAK_ADMIN_PASSWORD}}" - KC_DB_USERNAME: keycloak - KC_DB_PASSWORD: "{{.KC_DB_PASSWORD}}" - POSTGRES_DB: keycloak - POSTGRES_USER: keycloak - POSTGRES_PASSWORD: "{{.KC_DB_PASSWORD}}" - USER_PASSWORD: "{{.USER_PASSWORD}}" - dataFrom: - - sourceRef: - generatorRef: - apiVersion: generators.external-secrets.io/v1alpha1 - kind: Password - name: keycloak - rewrite: - - transform: - template: "KEYCLOAK_ADMIN_PASSWORD" - - sourceRef: - generatorRef: - apiVersion: generators.external-secrets.io/v1alpha1 - kind: Password - name: keycloak - rewrite: - - transform: - template: "KC_DB_PASSWORD" - - sourceRef: - generatorRef: - apiVersion: generators.external-secrets.io/v1alpha1 - kind: Password - name: keycloak - rewrite: - - transform: - template: "USER_PASSWORD" ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eso-store - namespace: keycloak ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: keycloak - name: eso-store -rules: - - apiGroups: [""] - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - authorization.k8s.io - resources: - - selfsubjectrulesreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: eso-store - namespace: keycloak -subjects: - - kind: ServiceAccount - name: eso-store - namespace: keycloak -roleRef: - kind: Role - name: eso-store - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: keycloak -spec: - provider: - kubernetes: - remoteNamespace: keycloak - server: - caProvider: - type: ConfigMap - name: kube-root-ca.crt - namespace: keycloak - key: ca.crt - auth: - serviceAccount: - name: eso-store - namespace: keycloak ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eso-store - namespace: gitea ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: eso-store - namespace: gitea -rules: - - apiGroups: [""] - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - authorization.k8s.io - resources: - - selfsubjectrulesreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: eso-store - namespace: gitea -subjects: - - kind: ServiceAccount - name: eso-store - namespace: gitea -roleRef: - kind: Role - name: eso-store - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: gitea -spec: - provider: - kubernetes: - remoteNamespace: gitea - server: - caProvider: - type: ConfigMap - name: kube-root-ca.crt - namespace: gitea - key: ca.crt - auth: - serviceAccount: - name: eso-store - namespace: gitea From 8720cfd633526d75a929ff12fc1362000b953f6d Mon Sep 17 00:00:00 2001 From: miwr Date: Tue, 12 Nov 2024 11:53:48 +0100 Subject: [PATCH 08/14] let's go --- .../manifests/manifest_20241112112033.yml | 42 +++++++++++++++++ .../manifests/manifest_20241112114625.yml | 43 ++++++++++++++++++ .../manifests/manifest_20241112114627.yml | 43 ++++++++++++++++++ .../manifests/manifest_20241112114630.yml | 45 +++++++++++++++++++ .../openbao/manifests/manifest.yml | 10 +++++ 5 files changed, 183 insertions(+) create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112112033.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112114625.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112114627.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112114630.yml diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112112033.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112112033.yml new file mode 100644 index 0000000..1b22ab8 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112112033.yml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112114625.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112114625.yml new file mode 100644 index 0000000..ad22ff4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112114625.yml @@ -0,0 +1,43 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112114627.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112114627.yml new file mode 100644 index 0000000..cddcbef --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112114627.yml @@ -0,0 +1,43 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112114630.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112114630.yml new file mode 100644 index 0000000..aa8e5ea --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112114630.yml @@ -0,0 +1,45 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/ref-implementation/openbao/manifests/manifest.yml b/ref-implementation/openbao/manifests/manifest.yml index 8ec577d..aa8e5ea 100644 --- a/ref-implementation/openbao/manifests/manifest.yml +++ b/ref-implementation/openbao/manifests/manifest.yml @@ -1,3 +1,10 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + apiVersion: apps/v1 kind: Deployment metadata: @@ -18,6 +25,9 @@ spec: image: openbao/openbao:latest # Replace with the actual image ports: - containerPort: 8200 + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" --- apiVersion: v1 From 575cbbbfa887fddffe2494dc27c2d6d1c0c33526 Mon Sep 17 00:00:00 2001 From: miwr Date: Tue, 12 Nov 2024 13:54:10 +0100 Subject: [PATCH 09/14] loadBalancer --- .../manifests/install_20241111142553.yaml | 164 +++++++++++++++++ .../manifests/install_20241112125306.yaml | 165 ++++++++++++++++++ .../manifests/install_20241112125311.yaml | 165 ++++++++++++++++++ .../manifests/install_20241112125315.yaml | 165 ++++++++++++++++++ .../manifests/install_20241112125321.yaml | 164 +++++++++++++++++ .../manifests/install_20241112125401.yaml | 164 +++++++++++++++++ .../manifests/install_20241112125405.yaml | 164 +++++++++++++++++ .../manifests/ingress_20241112130717.yaml | 0 .../manifests/ingress_20241112130720.yaml | 30 ++++ .../manifests/ingress_20241112130742.yaml | 27 +++ .../manifests/ingress_20241112130743.yaml | 30 ++++ .../manifests/ingress_20241112130751.yaml | 28 +++ .../manifests/ingress_20241112130756.yaml | 28 +++ .../manifests/ingress_20241112130759.yaml | 28 +++ .../manifests/ingress_20241112130902.yaml | 28 +++ .../manifests/ingress_20241112130904.yaml | 28 +++ .../manifests/ingress_20241112130913.yaml | 28 +++ .../manifests/ingress_20241112132252.yaml | 19 ++ .../manifests/ingress_20241112132258.yaml | 18 ++ .../manifests/ingress_20241112132302.yaml | 18 ++ .../manifests/ingress_20241112132304.yaml | 18 ++ .../manifests/ingress_20241112132310.yaml | 18 ++ .../manifests/ingress_20241112132312.yaml | 18 ++ .../manifests/ingress_20241112132315.yaml | 18 ++ .../manifests/ingress_20241112132318.yaml | 18 ++ .../manifests/ingress_20241112132320.yaml | 18 ++ .../manifests/ingress_20241112132340.yaml | 18 ++ .../manifests/ingress_20241112132445.yaml | 18 ++ .../manifests/ingress_20241112132617.yaml | 18 ++ .../manifests/ingress_20241112132620.yaml | 18 ++ .../manifests/ingress_20241112132622.yaml | 18 ++ .../manifests/ingress_20241112132648.yaml | 18 ++ .../manifests/ingress_20241112133726.yaml | 0 .../manifests/ingress_20241112133806.yaml | 18 ++ .../manifests/ingress_20241112135400.yaml | 18 ++ .../manifests/manifest_20241112121944.yml | 46 +++++ .../manifests/manifest_20241112121955.yml | 46 +++++ .../manifests/manifest_20241112125415.yml | 47 +++++ .../manifests/manifest_20241112125417.yml | 47 +++++ .../manifests/manifest_20241112125534.yml | 48 +++++ .../manifests/manifest_20241112125538.yml | 48 +++++ .../manifests/manifest_20241112125540.yml | 48 +++++ .../manifests/manifest_20241112125545.yml | 48 +++++ .../manifests/manifest_20241112125549.yml | 48 +++++ .../manifests/manifest_20241112125552.yml | 48 +++++ .../manifests/manifest_20241112125553.yml | 48 +++++ .../manifests/manifest_20241112125604.yml | 47 +++++ .../manifests/manifest_20241112125613.yml | 48 +++++ .../manifests/manifest_20241112125615.yml | 48 +++++ .../manifests/manifest_20241112125617.yml | 48 +++++ .../manifests/manifest_20241112125618.yml | 48 +++++ .../manifests/manifest_20241112125627.yml | 48 +++++ .../manifests/manifest_20241112125629.yml | 48 +++++ .../manifests/manifest_20241112125633.yml | 48 +++++ .../manifests/manifest_20241112133731.yml | 50 ++++++ .../manifests/manifest_20241112133734.yml | 50 ++++++ .../manifests/manifest_20241112133738.yml | 52 ++++++ .../manifests/manifest_20241112133739.yml | 70 ++++++++ .../manifests/manifest_20241112133740.yml | 70 ++++++++ .../manifests/manifest_20241112133804.yml | 48 +++++ .../manifests/manifest_20241112133833.yml | 48 +++++ .../manifests/manifest_20241112133859.yml | 48 +++++ .../manifests/manifest_20241112134239.yml | 49 ++++++ .../manifests/manifest_20241112134258.yml | 49 ++++++ .../manifests/manifest_20241112134322.yml | 49 ++++++ .../manifests/manifest_20241112134324.yml | 49 ++++++ .../manifests/manifest_20241112134335.yml | 49 ++++++ .../manifests/manifest_20241112134407.yml | 49 ++++++ .../manifests/manifest_20241112134409.yml | 49 ++++++ .../manifests/manifest_20241112134417.yml | 49 ++++++ .../manifests/manifest_20241112134421.yml | 49 ++++++ .../manifests/manifest_20241112134425.yml | 49 ++++++ .../manifests/manifest_20241112134434.yml | 49 ++++++ .../manifests/manifest_20241112134440.yml | 49 ++++++ .../manifests/manifest_20241112134443.yml | 49 ++++++ .../manifests/manifest_20241112134912.yml | 49 ++++++ .../manifests/manifest_20241112134953.yml | 49 ++++++ .../manifests/manifest_20241112135014.yml | 50 ++++++ .../manifests/manifest_20241112135016.yml | 50 ++++++ .../manifests/manifest_20241112135019.yml | 50 ++++++ .../manifests/manifest_20241112135021.yml | 50 ++++++ .../manifests/manifest_20241112135022.yml | 50 ++++++ .../manifests/manifest_20241112135048.yml | 50 ++++++ .../manifests/manifest_20241112135059.yml | 50 ++++++ .../manifests/manifest_20241112135112.yml | 50 ++++++ .../manifests/manifest_20241112135129.yml | 50 ++++++ .../manifests/manifest_20241112135138.yml | 50 ++++++ .../openbao/manifests/ingress.yaml | 18 ++ .../openbao/manifests/manifest.yml | 15 +- 89 files changed, 4317 insertions(+), 5 deletions(-) create mode 100644 .history/ref-implementation/keycloak/manifests/install_20241111142553.yaml create mode 100644 .history/ref-implementation/keycloak/manifests/install_20241112125306.yaml create mode 100644 .history/ref-implementation/keycloak/manifests/install_20241112125311.yaml create mode 100644 .history/ref-implementation/keycloak/manifests/install_20241112125315.yaml create mode 100644 .history/ref-implementation/keycloak/manifests/install_20241112125321.yaml create mode 100644 .history/ref-implementation/keycloak/manifests/install_20241112125401.yaml create mode 100644 .history/ref-implementation/keycloak/manifests/install_20241112125405.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130717.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130720.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130742.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130743.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130751.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130756.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130759.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130902.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130904.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112130913.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132252.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132258.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132302.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132304.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132310.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132312.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132315.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132318.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132320.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132340.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132445.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132617.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132620.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132622.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112132648.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112133726.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112133806.yaml create mode 100644 .history/ref-implementation/openbao/manifests/ingress_20241112135400.yaml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112121944.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112121955.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125415.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125417.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125534.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125538.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125540.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125545.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125549.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125552.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125553.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125604.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125613.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125615.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125617.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125618.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125627.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125629.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112125633.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133731.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133734.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133738.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133739.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133740.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133804.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133833.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112133859.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134239.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134258.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134322.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134324.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134335.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134407.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134409.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134417.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134421.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134425.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134434.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134440.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134443.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134912.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112134953.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135014.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135016.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135019.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135021.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135022.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135048.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135059.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135112.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135129.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135138.yml create mode 100644 ref-implementation/openbao/manifests/ingress.yaml diff --git a/.history/ref-implementation/keycloak/manifests/install_20241111142553.yaml b/.history/ref-implementation/keycloak/manifests/install_20241111142553.yaml new file mode 100644 index 0000000..ed3b799 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241111142553.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125306.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125306.yaml new file mode 100644 index 0000000..7418140 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125306.yaml @@ -0,0 +1,165 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125311.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125311.yaml new file mode 100644 index 0000000..4e41c0a --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125311.yaml @@ -0,0 +1,165 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125315.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125315.yaml new file mode 100644 index 0000000..213df32 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125315.yaml @@ -0,0 +1,165 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125321.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125321.yaml new file mode 100644 index 0000000..b304101 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125321.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125401.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125401.yaml new file mode 100644 index 0000000..80965f6 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125401.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + + selector: + app: keycloak +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125405.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125405.yaml new file mode 100644 index 0000000..ed3b799 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125405.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130717.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130717.yaml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130720.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130720.yaml new file mode 100644 index 0000000..abaf181 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130720.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak-ingress-localhost + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "100" +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130742.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130742.yaml new file mode 100644 index 0000000..6abab23 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130742.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130743.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130743.yaml new file mode 100644 index 0000000..abaf181 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130743.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak-ingress-localhost + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "100" +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130751.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130751.yaml new file mode 100644 index 0000000..fb5aeb3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130751.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak-ingress-localhost + name: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130756.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130756.yaml new file mode 100644 index 0000000..35a4f35 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130756.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + name: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130759.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130759.yaml new file mode 100644 index 0000000..932955c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130759.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130902.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130902.yaml new file mode 100644 index 0000000..f356af7 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130902.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /openbao + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130904.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130904.yaml new file mode 100644 index 0000000..c4b8374 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130904.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: cnoe://openbao/manifests + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130913.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130913.yaml new file mode 100644 index 0000000..9bacafb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130913.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: cnoe://openbao/manifests + pathType: ImplementationSpecific + backend: + service: + name: openbao + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132252.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132252.yaml new file mode 100644 index 0000000..31fff8f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132252.yaml @@ -0,0 +1,19 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: default + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132258.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132258.yaml new file mode 100644 index 0000000..9f706f3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132258.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: default + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132302.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132302.yaml new file mode 100644 index 0000000..9e9bfcb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132302.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: o + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132304.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132304.yaml new file mode 100644 index 0000000..0e0d97a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132304.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132310.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132310.yaml new file mode 100644 index 0000000..6f33ebd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132310.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: open + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132312.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132312.yaml new file mode 100644 index 0000000..4849eba --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132312.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132315.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132315.yaml new file mode 100644 index 0000000..18f3315 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132315.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132318.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132318.yaml new file mode 100644 index 0000000..754343a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132318.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-local + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132320.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132320.yaml new file mode 100644 index 0000000..7857781 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132320.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132340.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132340.yaml new file mode 100644 index 0000000..e7669f3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132340.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132445.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132445.yaml new file mode 100644 index 0000000..650ab4d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132445.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132617.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132617.yaml new file mode 100644 index 0000000..69be905 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132617.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132620.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132620.yaml new file mode 100644 index 0000000..cc13074 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132620.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132622.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132622.yaml new file mode 100644 index 0000000..9615367 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132622.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132648.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132648.yaml new file mode 100644 index 0000000..9615367 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132648.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112133726.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112133726.yaml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112133806.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112133806.yaml new file mode 100644 index 0000000..9615367 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112133806.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112135400.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112135400.yaml new file mode 100644 index 0000000..f75a03d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112135400.yaml @@ -0,0 +1,18 @@ +# apiVersion: networking.k8s.io/v1 +# kind: Ingress +# metadata: +# name: openbao-ingress-localhost +# namespace: openbao + +# spec: +# rules: +# - host: localhost # Change this to your domain or leave it as is for local development +# http: +# paths: +# - path: "" +# pathType: Exact +# backend: +# service: +# name: openbao +# port: +# number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112121944.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112121944.yml new file mode 100644 index 0000000..badda3f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112121944.yml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + - hostPort: 8200 + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112121955.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112121955.yml new file mode 100644 index 0000000..d20b7b3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112121955.yml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125415.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125415.yml new file mode 100644 index 0000000..a656216 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125415.yml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125417.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125417.yml new file mode 100644 index 0000000..47b44df --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125417.yml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125534.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125534.yml new file mode 100644 index 0000000..0f612be --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125534.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125538.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125538.yml new file mode 100644 index 0000000..4040f40 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125538.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125540.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125540.yml new file mode 100644 index 0000000..ca2a209 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125540.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125545.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125545.yml new file mode 100644 index 0000000..4e2f145 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125545.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125549.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125549.yml new file mode 100644 index 0000000..5607328 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125549.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125552.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125552.yml new file mode 100644 index 0000000..9c90d16 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125552.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125553.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125553.yml new file mode 100644 index 0000000..9ded5d1 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125553.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125604.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125604.yml new file mode 100644 index 0000000..47b44df --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125604.yml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125613.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125613.yml new file mode 100644 index 0000000..fc8bf8c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125613.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125615.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125615.yml new file mode 100644 index 0000000..020d960 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125615.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125617.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125617.yml new file mode 100644 index 0000000..c152d38 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125617.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - po + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125618.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125618.yml new file mode 100644 index 0000000..7f08b85 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125618.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - port: + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125627.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125627.yml new file mode 100644 index 0000000..256cfb6 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125627.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCO + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125629.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125629.yml new file mode 100644 index 0000000..0a3e930 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125629.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125633.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125633.yml new file mode 100644 index 0000000..575777f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125633.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133731.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133731.yml new file mode 100644 index 0000000..6d406a4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133731.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133734.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133734.yml new file mode 100644 index 0000000..b07a1b7 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133734.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133738.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133738.yml new file mode 100644 index 0000000..2bb23c2 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133738.yml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133739.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133739.yml new file mode 100644 index 0000000..04470a4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133739.yml @@ -0,0 +1,70 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133740.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133740.yml new file mode 100644 index 0000000..04470a4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133740.yml @@ -0,0 +1,70 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133804.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133804.yml new file mode 100644 index 0000000..575777f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133804.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133833.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133833.yml new file mode 100644 index 0000000..6ddb3db --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133833.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133859.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133859.yml new file mode 100644 index 0000000..eeff542 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133859.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134239.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134239.yml new file mode 100644 index 0000000..9bf147d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134239.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134258.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134258.yml new file mode 100644 index 0000000..a4247b3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134258.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + # targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134322.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134322.yml new file mode 100644 index 0000000..9bf147d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134322.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134324.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134324.yml new file mode 100644 index 0000000..b81c1cf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134324.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134335.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134335.yml new file mode 100644 index 0000000..ce84f2e --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134335.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134407.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134407.yml new file mode 100644 index 0000000..bc183db --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134407.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + containerPort:: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134409.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134409.yml new file mode 100644 index 0000000..0f65ec9 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134409.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + containerPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134417.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134417.yml new file mode 100644 index 0000000..ce84f2e --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134417.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134421.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134421.yml new file mode 100644 index 0000000..b81c1cf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134421.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134425.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134425.yml new file mode 100644 index 0000000..b81c1cf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134425.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134434.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134434.yml new file mode 100644 index 0000000..f162211 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134434.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + port: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134440.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134440.yml new file mode 100644 index 0000000..572c07a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134440.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + hos: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134443.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134443.yml new file mode 100644 index 0000000..8ffb033 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134443.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134912.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134912.yml new file mode 100644 index 0000000..f3a5b6f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134912.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134953.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134953.yml new file mode 100644 index 0000000..470a458 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134953.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135014.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135014.yml new file mode 100644 index 0000000..26f238d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135014.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + no + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135016.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135016.yml new file mode 100644 index 0000000..21d3812 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135016.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + NodePort: + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135019.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135019.yml new file mode 100644 index 0000000..f9e2ddd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135019.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + NodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135021.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135021.yml new file mode 100644 index 0000000..f9e2ddd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135021.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + NodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135022.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135022.yml new file mode 100644 index 0000000..f2ea0bd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135022.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135048.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135048.yml new file mode 100644 index 0000000..84881db --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135048.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135059.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135059.yml new file mode 100644 index 0000000..f2ea0bd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135059.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135112.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135112.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135112.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135129.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135129.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135129.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135138.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135138.yml new file mode 100644 index 0000000..2b5441b --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135138.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: LoadBalancer diff --git a/ref-implementation/openbao/manifests/ingress.yaml b/ref-implementation/openbao/manifests/ingress.yaml new file mode 100644 index 0000000..f75a03d --- /dev/null +++ b/ref-implementation/openbao/manifests/ingress.yaml @@ -0,0 +1,18 @@ +# apiVersion: networking.k8s.io/v1 +# kind: Ingress +# metadata: +# name: openbao-ingress-localhost +# namespace: openbao + +# spec: +# rules: +# - host: localhost # Change this to your domain or leave it as is for local development +# http: +# paths: +# - path: "" +# pathType: Exact +# backend: +# service: +# name: openbao +# port: +# number: 8200 # The port to forward to on your service diff --git a/ref-implementation/openbao/manifests/manifest.yml b/ref-implementation/openbao/manifests/manifest.yml index aa8e5ea..2b5441b 100644 --- a/ref-implementation/openbao/manifests/manifest.yml +++ b/ref-implementation/openbao/manifests/manifest.yml @@ -24,10 +24,14 @@ spec: - name: openbao image: openbao/openbao:latest # Replace with the actual image ports: - - containerPort: 8200 - env: - - name: BAO_ADDR - value: "http://0.0.0.0:8200" + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" --- apiVersion: v1 @@ -42,4 +46,5 @@ spec: - protocol: TCP port: 8200 targetPort: 8200 - type: ClusterIP + # nodePort: 30000 + type: LoadBalancer From 111648d78a68611ff4203aec3f1f88a97244dfbe Mon Sep 17 00:00:00 2001 From: miwr Date: Tue, 12 Nov 2024 13:58:55 +0100 Subject: [PATCH 10/14] node port --- .../manifests/manifest_20241112135826.yml | 50 +++++++++++++++++++ .../manifests/manifest_20241112135828.yml | 50 +++++++++++++++++++ .../manifests/manifest_20241112135835.yml | 50 +++++++++++++++++++ .../manifests/manifest_20241112135837.yml | 50 +++++++++++++++++++ .../manifests/manifest_20241112135849.yml | 50 +++++++++++++++++++ .../openbao/manifests/manifest.yml | 4 +- 6 files changed, 252 insertions(+), 2 deletions(-) create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135826.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135828.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135835.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135837.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241112135849.yml diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135826.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135826.yml new file mode 100644 index 0000000..056eceb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135826.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: No diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135828.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135828.yml new file mode 100644 index 0000000..09680c7 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135828.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135835.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135835.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135835.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135837.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135837.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135837.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135849.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135849.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135849.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/ref-implementation/openbao/manifests/manifest.yml b/ref-implementation/openbao/manifests/manifest.yml index 2b5441b..e3e69d3 100644 --- a/ref-implementation/openbao/manifests/manifest.yml +++ b/ref-implementation/openbao/manifests/manifest.yml @@ -46,5 +46,5 @@ spec: - protocol: TCP port: 8200 targetPort: 8200 - # nodePort: 30000 - type: LoadBalancer + nodePort: 30000 + type: NodePort From 9fbea8df451213276ab668db885ced07764c8155 Mon Sep 17 00:00:00 2001 From: miwr Date: Wed, 13 Nov 2024 10:33:41 +0100 Subject: [PATCH 11/14] values.yaml --- .../manifests/manifest_20241113093100.yml | 50 ++++++++++++ .../manifests/manifest_20241113093101.yml | 50 ++++++++++++ .../manifests/manifest_20241113093110.yml | 50 ++++++++++++ .../manifests/manifest_20241113093126.yml | 50 ++++++++++++ .../manifests/manifest_20241113093129.yml | 0 .../manifests/manifest_20241113093614.yml | 50 ++++++++++++ .../manifests/manifest_20241113093615.yml | 50 ++++++++++++ .../manifests/manifest_20241113093618.yml | 50 ++++++++++++ .../manifests/manifest_20241113093621.yml | 50 ++++++++++++ .../manifests/manifest_20241113093625.yml | 50 ++++++++++++ .../manifests/manifest_20241113093821.yml | 52 ++++++++++++ .../manifests/manifest_20241113093826.yml | 52 ++++++++++++ .../manifests/manifest_20241113093827.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113093842.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113093847.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113093851.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113093853.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113093944.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113094042.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113094100.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113094104.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113094154.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113094340.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113094401.yml | 73 +++++++++++++++++ .../manifests/manifest_20241113094647.yml | 81 +++++++++++++++++++ .../manifests/manifest_20241113095157.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113095238.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113095247.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113100517.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113100529.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113100645.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113100725.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113100745.yml | 72 +++++++++++++++++ .../manifests/manifest_20241113100822.yml | 66 +++++++++++++++ .../manifests/manifest_20241113100829.yml | 67 +++++++++++++++ .../manifests/manifest_20241113100833.yml | 67 +++++++++++++++ .../manifests/manifest_20241113100902.yml | 67 +++++++++++++++ .../manifests/manifest_20241113101113.yml | 65 +++++++++++++++ .../openbao/values_20241113103308.yaml | 0 .../openbao/values_20241113103317.yaml | 1 + .../openbao/values_20241113103322.yaml | 1 + .../openbao/values_20241113103326.yaml | 1 + .../openbao_20241113102912.yaml | 27 +++++++ .../openbao_20241113103006.yaml | 27 +++++++ .../openbao_20241113103024.yaml | 27 +++++++ .../openbao_20241113103029.yaml | 27 +++++++ ref-implementation/openbao.yaml | 24 ++++-- .../openbao/manifests/ingress.yaml | 18 ----- ref-implementation/openbao/values.yaml | 1 + 49 files changed, 2546 insertions(+), 26 deletions(-) create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093100.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093101.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093110.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093126.yml rename ref-implementation/openbao/manifests/manifest.yml => .history/ref-implementation/openbao/manifests/manifest_20241113093129.yml (100%) create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093614.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093615.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093618.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093621.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093625.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093821.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093826.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093827.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093842.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093847.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093851.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093853.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113093944.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113094042.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113094100.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113094104.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113094154.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113094340.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113094401.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113094647.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113095157.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113095238.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113095247.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100517.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100529.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100645.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100725.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100745.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100822.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100829.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100833.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113100902.yml create mode 100644 .history/ref-implementation/openbao/manifests/manifest_20241113101113.yml create mode 100644 .history/ref-implementation/openbao/values_20241113103308.yaml create mode 100644 .history/ref-implementation/openbao/values_20241113103317.yaml create mode 100644 .history/ref-implementation/openbao/values_20241113103322.yaml create mode 100644 .history/ref-implementation/openbao/values_20241113103326.yaml create mode 100644 .history/ref-implementation/openbao_20241113102912.yaml create mode 100644 .history/ref-implementation/openbao_20241113103006.yaml create mode 100644 .history/ref-implementation/openbao_20241113103024.yaml create mode 100644 .history/ref-implementation/openbao_20241113103029.yaml delete mode 100644 ref-implementation/openbao/manifests/ingress.yaml create mode 100644 ref-implementation/openbao/values.yaml diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093100.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093100.yml new file mode 100644 index 0000000..a9c388f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093100.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTO + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093101.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093101.yml new file mode 100644 index 0000000..ff5a849 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093101.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093110.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093110.yml new file mode 100644 index 0000000..6c4856f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093110.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: HTTP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093126.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093126.yml new file mode 100644 index 0000000..ff5a849 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093126.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/ref-implementation/openbao/manifests/manifest.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093129.yml similarity index 100% rename from ref-implementation/openbao/manifests/manifest.yml rename to .history/ref-implementation/openbao/manifests/manifest_20241113093129.yml diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093614.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093614.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093614.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093615.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093615.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093615.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093618.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093618.yml new file mode 100644 index 0000000..9b7d979 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093618.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: Load diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093621.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093621.yml new file mode 100644 index 0000000..f11cbce --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093621.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: Loa diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093625.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093625.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093625.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093821.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093821.yml new file mode 100644 index 0000000..2e0b80a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093821.yml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort + + diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093826.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093826.yml new file mode 100644 index 0000000..c5989b8 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093826.yml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093827.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093827.yml new file mode 100644 index 0000000..89d123c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093827.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093842.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093842.yml new file mode 100644 index 0000000..f59a0ac --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093842.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: +--- number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093847.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093847.yml new file mode 100644 index 0000000..f2e7b01 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093847.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + --- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: +--- number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093851.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093851.yml new file mode 100644 index 0000000..376b905 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093851.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + --- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093853.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093853.yml new file mode 100644 index 0000000..c8002fb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093853.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093944.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093944.yml new file mode 100644 index 0000000..49eefae --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093944.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094042.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094042.yml new file mode 100644 index 0000000..0cb99bc --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094042.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: "" + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094100.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094100.yml new file mode 100644 index 0000000..c8002fb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094100.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094104.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094104.yml new file mode 100644 index 0000000..49eefae --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094104.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094154.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094154.yml new file mode 100644 index 0000000..f879eda --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094154.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094340.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094340.yml new file mode 100644 index 0000000..dbce7b6 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094340.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: localhost/openbao + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094401.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094401.yml new file mode 100644 index 0000000..f879eda --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094401.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094647.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094647.yml new file mode 100644 index 0000000..2b6727e --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094647.yml @@ -0,0 +1,81 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: /ui + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 + # Optional: Redirect root `/` path to `/ui` + - path: / + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113095157.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113095157.yml new file mode 100644 index 0000000..335bdaf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113095157.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost # Or replace with your custom hostname if using /etc/hosts + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113095238.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113095238.yml new file mode 100644 index 0000000..809d96c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113095238.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost # Or replace with your custom hostname if using /etc/hosts + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 30000 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113095247.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113095247.yml new file mode 100644 index 0000000..335bdaf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113095247.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost # Or replace with your custom hostname if using /etc/hosts + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100517.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100517.yml new file mode 100644 index 0000000..2efa4bf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100517.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100529.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100529.yml new file mode 100644 index 0000000..bb50907 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100529.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100645.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100645.yml new file mode 100644 index 0000000..ea5af0d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100645.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100725.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100725.yml new file mode 100644 index 0000000..6ae7008 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100725.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: ImplementationSpecific + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100745.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100745.yml new file mode 100644 index 0000000..ea5af0d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100745.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100822.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100822.yml new file mode 100644 index 0000000..6d528b0 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100822.yml @@ -0,0 +1,66 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100829.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100829.yml new file mode 100644 index 0000000..a61d0b3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100829.yml @@ -0,0 +1,67 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100833.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100833.yml new file mode 100644 index 0000000..6ed5ca2 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100833.yml @@ -0,0 +1,67 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100902.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100902.yml new file mode 100644 index 0000000..fa08302 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100902.yml @@ -0,0 +1,67 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + # type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113101113.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113101113.yml new file mode 100644 index 0000000..d9f9c28 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113101113.yml @@ -0,0 +1,65 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113103308.yaml b/.history/ref-implementation/openbao/values_20241113103308.yaml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/openbao/values_20241113103317.yaml b/.history/ref-implementation/openbao/values_20241113103317.yaml new file mode 100644 index 0000000..30d74d2 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113103317.yaml @@ -0,0 +1 @@ +test \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113103322.yaml b/.history/ref-implementation/openbao/values_20241113103322.yaml new file mode 100644 index 0000000..23f90b4 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113103322.yaml @@ -0,0 +1 @@ +test:123 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113103326.yaml b/.history/ref-implementation/openbao/values_20241113103326.yaml new file mode 100644 index 0000000..07fb25f --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113103326.yaml @@ -0,0 +1 @@ +test: 123 \ No newline at end of file diff --git a/.history/ref-implementation/openbao_20241113102912.yaml b/.history/ref-implementation/openbao_20241113102912.yaml new file mode 100644 index 0000000..164c5fb --- /dev/null +++ b/.history/ref-implementation/openbao_20241113102912.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/argoproj/argo-helm + path: charts/argo-cd + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/argocd/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/.history/ref-implementation/openbao_20241113103006.yaml b/.history/ref-implementation/openbao_20241113103006.yaml new file mode 100644 index 0000000..4879383 --- /dev/null +++ b/.history/ref-implementation/openbao_20241113103006.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/argo-cd + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/argocd/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/.history/ref-implementation/openbao_20241113103024.yaml b/.history/ref-implementation/openbao_20241113103024.yaml new file mode 100644 index 0000000..dbd59b5 --- /dev/null +++ b/.history/ref-implementation/openbao_20241113103024.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/argocd/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/.history/ref-implementation/openbao_20241113103029.yaml b/.history/ref-implementation/openbao_20241113103029.yaml new file mode 100644 index 0000000..8d66475 --- /dev/null +++ b/.history/ref-implementation/openbao_20241113103029.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/openbao/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/ref-implementation/openbao.yaml b/ref-implementation/openbao.yaml index d06ab5e..8d66475 100644 --- a/ref-implementation/openbao.yaml +++ b/ref-implementation/openbao.yaml @@ -1,19 +1,27 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: openbao + name: argocd namespace: argocd + labels: + env: dev spec: - destination: - namespace: openbao - server: "https://kubernetes.default.svc" - source: - repoURL: cnoe://openbao/manifests - targetRevision: HEAD - path: "." project: default syncPolicy: automated: selfHeal: true syncOptions: - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/openbao/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/ref-implementation/openbao/manifests/ingress.yaml b/ref-implementation/openbao/manifests/ingress.yaml deleted file mode 100644 index f75a03d..0000000 --- a/ref-implementation/openbao/manifests/ingress.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# apiVersion: networking.k8s.io/v1 -# kind: Ingress -# metadata: -# name: openbao-ingress-localhost -# namespace: openbao - -# spec: -# rules: -# - host: localhost # Change this to your domain or leave it as is for local development -# http: -# paths: -# - path: "" -# pathType: Exact -# backend: -# service: -# name: openbao -# port: -# number: 8200 # The port to forward to on your service diff --git a/ref-implementation/openbao/values.yaml b/ref-implementation/openbao/values.yaml new file mode 100644 index 0000000..07fb25f --- /dev/null +++ b/ref-implementation/openbao/values.yaml @@ -0,0 +1 @@ +test: 123 \ No newline at end of file From 384dff1c3e52ee4ecc91bb94e13de17881fe4302 Mon Sep 17 00:00:00 2001 From: miwr Date: Wed, 13 Nov 2024 10:45:28 +0100 Subject: [PATCH 12/14] test --- .../openbao_20241113104501.yaml | 27 +++++++++++++++++++ ref-implementation/openbao.yaml | 6 ++--- 2 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 .history/ref-implementation/openbao_20241113104501.yaml diff --git a/.history/ref-implementation/openbao_20241113104501.yaml b/.history/ref-implementation/openbao_20241113104501.yaml new file mode 100644 index 0000000..b2e7e7f --- /dev/null +++ b/.history/ref-implementation/openbao_20241113104501.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/openbao/values.yaml + # - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + # targetRevision: HEAD + # ref: values diff --git a/ref-implementation/openbao.yaml b/ref-implementation/openbao.yaml index 8d66475..b2e7e7f 100644 --- a/ref-implementation/openbao.yaml +++ b/ref-implementation/openbao.yaml @@ -22,6 +22,6 @@ spec: helm: valueFiles: - $values/stacks/core/openbao/values.yaml - - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot - targetRevision: HEAD - ref: values + # - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + # targetRevision: HEAD + # ref: values From 71223f2f6726c8eb4726af82e2fa757402f59d77 Mon Sep 17 00:00:00 2001 From: miwr Date: Wed, 13 Nov 2024 10:51:48 +0100 Subject: [PATCH 13/14] global: domain: cnoe.localtest.me --- .history/ref-implementation/openbao/values_20241113105141.yaml | 2 ++ .history/ref-implementation/openbao/values_20241113105142.yaml | 2 ++ ref-implementation/openbao/values.yaml | 3 ++- 3 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 .history/ref-implementation/openbao/values_20241113105141.yaml create mode 100644 .history/ref-implementation/openbao/values_20241113105142.yaml diff --git a/.history/ref-implementation/openbao/values_20241113105141.yaml b/.history/ref-implementation/openbao/values_20241113105141.yaml new file mode 100644 index 0000000..623e208 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113105141.yaml @@ -0,0 +1,2 @@ +global: + domain: cnoe.localtest.me \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113105142.yaml b/.history/ref-implementation/openbao/values_20241113105142.yaml new file mode 100644 index 0000000..623e208 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113105142.yaml @@ -0,0 +1,2 @@ +global: + domain: cnoe.localtest.me \ No newline at end of file diff --git a/ref-implementation/openbao/values.yaml b/ref-implementation/openbao/values.yaml index 07fb25f..623e208 100644 --- a/ref-implementation/openbao/values.yaml +++ b/ref-implementation/openbao/values.yaml @@ -1 +1,2 @@ -test: 123 \ No newline at end of file +global: + domain: cnoe.localtest.me \ No newline at end of file From d8104418cffb81a422682c9ddf54d70070782bc6 Mon Sep 17 00:00:00 2001 From: "Michal.Wrobel" Date: Wed, 13 Nov 2024 09:58:36 +0000 Subject: [PATCH 14/14] ref-implementation/openbao.yaml aktualisiert --- ref-implementation/openbao.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ref-implementation/openbao.yaml b/ref-implementation/openbao.yaml index b2e7e7f..c30e2dd 100644 --- a/ref-implementation/openbao.yaml +++ b/ref-implementation/openbao.yaml @@ -1,7 +1,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: argocd + name: openbao namespace: argocd labels: env: dev @@ -14,7 +14,7 @@ spec: - CreateNamespace=true destination: name: in-cluster - namespace: argocd + namespace: openbao sources: - repoURL: https://github.com/openbao/openbao-helm.git path: charts/openbao @@ -22,6 +22,6 @@ spec: helm: valueFiles: - $values/stacks/core/openbao/values.yaml - # - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot - # targetRevision: HEAD - # ref: values + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values